<%
	//Description: Checkout2 Response Page
	//CreateTime: 2006-07-27
%>
<%@page import="java.util.*,com.probiz.estore.common.model.system.PaymentGateway,
		org.springframework.web.context.support.*,
		org.springframework.web.context.*,
		com.probiz.estore.system.service.*,com.probiz.estore.system.util.*" 
		errorPage="/error.jsp"
	contentType="text/html; charset=UTF-8"
%>
<%
	//parameter cart_order_id store the order number
	// when request to paymentgateway.	

	String cartOrderId=request.getParameter("cart_order_id");

	String succFlag="0";//is wrong data or is come from other unfriend source (eg vicious attack)

	String orderNo="";
	
	if(cartOrderId!=null){
		orderNo=request.getParameter("order_number");

		String total=request.getParameter("total");

		String demo=request.getParameter("demo");

		String processResult=request.getParameter("credit_card_processed");

		String key=request.getParameter("key");

		if(demo!=null && "Y".equalsIgnoreCase(demo)){
			orderNo="1";	
		}
		
		WebApplicationContext cxt=WebApplicationContextUtils.getWebApplicationContext(pageContext.getServletContext());
		PaymentGatewayManager paymentGatewayManager=(PaymentGatewayManager)cxt.getBean("paymentGatewayManager");
		PaymentGateway paymentGateway=paymentGatewayManager.getByPaymentGatewayCode("checkout2");
		paymentGateway.getPaymentGatewayId();
		//get this payment gateway configuration data to verify the data trueness
		
		String secretword=paymentGateway.getConfigData().get("secretword").toString();
		
		String vendorId=paymentGateway.getConfigData().get("vendorId").toString();
		
		//md5 ( secret word + vendor number + order number + total )
		String md5Key=TranslateService.md5Translate(secretword+vendorId+orderNo+total).toUpperCase();	
			
		if(md5Key.equals(key)){//data is really come from checkout2 server
			if(processResult.equalsIgnoreCase("Y")){//order has pay for successfully
				succFlag="1";
			}else if(processResult.equalsIgnoreCase("K")){//waiting for approval (Pending)
				succFlag="-1";
			}
		}

		request.setAttribute("orderNo",orderNo);
		request.setAttribute("successFlag",succFlag);
		request.setAttribute("paymentGatewayId",paymentGateway.getPaymentGatewayId());
		request.setAttribute("amount",total);
	}
%>
<%@include file="./include/finishPayResult.jspf"%>
<%@include file="./include/inc_common_response.jspf"%>